Log Monitoring and Anomaly Detection at Scale at ORNL

As a cybersecurity provider for the nation's largest multi-program science and technology laboratory, home to the fastest supercomputer in the world and the world's top scientists, the ORNL cybersecurity group could not afford complacency. See how ORNL transitioned from a COTS toolset to a more cost-effective and flexible open source model by employing NiFi, Kafka, and the Elastic Stack. Learn how ORNL moved beyond the traditional SIEM architecture to a centralized data hub for security-related information, providing better opportunities for collaboration between researchers and operations.

Larry Nichols

Security Operations Center Team Lead, Oak Ridge National Laboratory